Wireshark command-line fu

To work conveniently with the command-line tools that come with Wireshark, add the path of the local Wireshark directory to the system's PATH environment variable. As we move ahead, I will assume that you've already configured the environment variable this way. With that in place, let's look at some of the more useful command-line utilities that ship with Wireshark:

  • tshark
  • capinfos
  • editcap
  • mergecap

Tip

Pass the -h argument to any of the command-line utilities to view its help options. For example, open the command prompt and run tshark -h.

tshark

tshark, the command-line version of Wireshark, is used to capture and often display packets in typical situations ...
